But it seems to me that there are quite a number of considerations. And everyone seems to be arguing solely from the part of that list that exempts them.

When thinking about money managers, I would think of the following:

How is their liquidity managed? Can they really raise funds fast enough to satisfy a run on the bank?

If they were to try to liquidate their funds, what would that do to the financial markets?

How interconnected are they to other financial firms? Do regulators now have information about that?

What about the future? (Isn’t that our concern, not the past or even the current situation?)

Could they shift their liquidity practices to become much more illiquid?

Their argument revolves around leverage, how much could they change their leverage under their current regulations? They can quickly leverage through derivatives as well as borrowing.

Could they become the center of new risky financial behavior that would endanger the financial sector?

That last point is a major concern of regulators regarding the Insurance industry. And they have history on their side. The insurance industry helped the financial sector to blow the mortgage business up to 4 or 5 times the underlying.

All you need to do that is a big balance sheet and a willingness to take one side of a trade without balancing it with the other side. And the money managers as well as the insurance companies both have exactly those characteristics.

Like this:

Usually risk managers do not think of themselves as being at war. But a risk manager is facing a number of foes. And failure to succeed against those foes can result in the end of the enterprise. So maybe the risk manager can learn from The Art of War.

Sun Tzu’s The Art of War has 11 chapters. Each of these topics can be seen to have a lesson for risk managers.

Laying Plans explores the five fundamental factors that define a successful outcome (the Way, seasons, terrain, leadership, and management). By thinking, assessing and comparing these points you can calculate a victory, deviation from them will ensure failure. Remember that war is a very grave matter of state. The risk manager of course needs plans. Remember that risk management is a grave matter for the enterprise.

Waging War explains how to understand the economy of war and how success requires making the winning play, which in turn, requires limiting the cost of competition and conflict. Risk management does not run on an unlimited budget. In some cases risk managers have not completed their preparations because they have gone forward as if they could spend whatever it took to fulfill their vision for risk management. Of course risk management spending needs to be at a sensible level for the enterprise. Excessive risk management spending can harm an enterprise just as much as an unexpected loss.

Attack by Stratagem defines the source of strength as unity, not size, and the five ingredients that you need to succeed in any war. The risk manager succeeds best if they are able to get the entire organization to support the risk management efforts, not just a large corporate risk management department.

Tactical Dispositions explains the importance of defending existing positions until you can advance them and how you must recognize opportunities, not try to create them. The risk manager needs to build organizational strength to support risk management opportunistically. A risk management program that does not wait for the right opportunities will create internal enemies and will then be fighting both the external risks as well as the internal enemies.

Energy explains the use of creativity and timing in building your momentum. The risk manager also needs to be creative and needs to build momentum. The best risk management program fits well with the culture of the organization. That fit will need to be developed by creatively combining the ideas of risk management with the written and unwritten parts of the organizational imperatives.

Weak Points & Strong explains how your opportunities come from the openings in the environment caused by the relative weakness of your enemy in a given area. Quite often the risk manager will know the right thing to do but will not be able to execute except at extreme danger to their position in the firm. The openings for a risk manager to make the moves that will really lake a difference in the future of the firm come infrequently and without warning. The Risk manager must be looking at these openings and be ready and able to act.

Maneuvering explains the dangers of direct conflict and how to win those confrontations when they are forced upon you. Some thing that the risk managers job is the direct conflict with the important people in the firm who would put the firm in an excessively risky position. This in inadvisable

Variation in Tactics focuses on the need for flexibility in your responses. It explains how to respond to shifting circumstances successfully. Risk Management tactics will be the most successful if they are alligned with the actual risk environment. SeePlural Rationalities and ERM.

The Army on the March describes the different situations in which you find yourselves as you move into new enemy territories and how to respond to them. Much of it focuses on evaluating the intentions of others. Rational Adaptability is the process of assessing the risk environment and selecting the risk management strategy that will work best for the environment.

Terrain looks at the three general areas of resistance (distance, dangers, and barriers) and the six types of ground positions that arise from them. Each of these six field positions offer certain advantages and disadvantages. The risk environment has four main stages, Boom, Bust, Moderate and Uncertain.

The Nine Situations describe nine common situations (or stages) in a campaign, from scattering to deadly, and the specific focus you need to successfully navigate each of them. Companies must determine their risk taking strategy and their risk appetite by looking at the risk environment as well as at their risk taking capacity.

The Attack by Fire explains the use of weapons generally and the use of the environment as a weapon specifically. It examines the five targets for attack, the five types of environmental attack, and the appropriate responses to such attack.

The Use of Spies focuses on the importance of developing good information sources, specifically the five types of sources and how to manage them.

Like this:

In late 2008, the The CAS, CIA, and the SOA’s Joint Risk Management Section funded a research report about the Financial Crisis. This report featured nine key Lessons for Insurers. Riskviews will comment on those lessons individually…

5. It is important to develop a counterparty risk management system and establish counterparty limits.

Insurers need to fully understand several things about both credit and reinsurance to get this right.

First of all, in a credit or reinsurance situation, the insurer is usually trading uncertainty in the “expected” range of probabilities for a potential loss at a very high attachment point, the failure point for the counterparty.

Second of all, the insurer needs to recognize that the failure of their counterparty usually does not in any way change their obligation. When an insurer buys a bond, they are usually responsible to make payments to their policyholder regardless of whether the bond is good. When an insurer buys reinsurance they are still responsible to pay claims whether or not the reinsurer is able to meet its obligations.

The other consideration that is important to insurers is that they need to look for counterparty exposures everywhere in their operations. In each of their insurance lines as well as in every part of their investment portfolio. In firms where traditionally insurance and investments are treated as completelyt separate silos, risk managers are finding that both sides of the house are sometimes dealing with the exact same counterparties. Aggregation and management of these concentrations is key.

Some good and not so good parts to this conference. Hosted by Courant Institute of Mathematical Sciences, it was surprisingly non-quant. In fact several of the speakers, obviously with no idea of what the other speakers were doing said that they were going to give some relief from the quant stuff.

Sad to say, the only suggestion that anyone had to do anything “different” was to do more stress testing. Not exactly, or even slightly, a new idea. So if this is the future of risk management, no one should expect any significant future contributions from the field.

There was much good discussion, but almost all of it was about the past of risk management, primarily the very recent past.

Here are some comments from the presenters:

Banks need regulator to require Stress tests so that they will be taken seriously.

Most banks did stress tests that were far from extreme risk scenarios, extreme risk scenarios would not have been given any credibility by bank management.

VAR calculations for illiquid securities are meaningless

Very large positions can be illiquid because of their size, even though the underlying security is traded in a liquid market.

Counterparty risk should be stress tested

Securities that are too illiquid to be exchange traded should have higher capital charges

Internal risk disclosure by traders should be a key to bonus treatment. Losses that were disclosed and that are within tolerances should be treated one way and losses from risks that were not disclosed and/or that fall outside of tolerances should be treated much more harshly for bonus calculation purposes.

Banks did not accurately respond to the Spring 2009 stress tests

Banks did not accurately self assess their own risk management practices for the SSG report. Usually gave themselves full credit for things that they had just started or were doing in a formalistic, non-committed manner.

Most banks are unable or unwilling to state a risk appetite and ADHERE to it.

Not all risks taken are disclosed to boards.

For the most part, losses of banks were < Economic Capital

Banks made no plans for what they would do to recapitalize after a large loss. Assumed that fresh capital would be readily available if they thought of it at all. Did not consider that in an extreme situation that results in the losses of magnitude similar to Economic Capital, that capital might not be available at all.

Prior to Basel reliance on VAR for capital requirements, banks had a multitude of methods and often used more than one to assess risks. With the advent of Basel specifications of methodology, most banks stopped doing anything other than the required calculation.

Stress tests were usually at 1 or at most 2 standard deviation scenarios.

Risk appetites need to be adjusted as markets change and need to reflect the input of various stakeholders.

Risk management is seen as not needed in good times and gets some of the first budget cuts in tough times.

After doing Stress tests need to establish a matrix of actions that are things that will be DONE if this stress happens, things to sell, changes in capital, changes in business activities, etc.

Market consists of three types of risk takers, Innovators, Me Too Followers and Risk Avoiders. Innovators find good businesses through real trial and error and make good gains from new businesses, Me Too follow innovators, getting less of gains because of slower, gradual adoption of innovations, and risk avoiders are usually into these businesses too late. All experience losses eventually. Innovators losses are a small fraction of gains, Me Too losses are a sizable fraction and Risk Avoiders often lose money. Innovators have all left the banks. Banks are just the Me Too and Avoiders.

T-Shirt – In my models, the markets work

Most of the reform suggestions will have the effect of eliminating alternatives, concentrating risk and risk oversight. Would be much safer to diversify and allow multiple options. Two exchanges are better than one, getting rid of all the largest banks will lead to lack of diversity of size.

Problem with compensation is that (a) pays for trades that have not closed as if they had closed and (b) pay for luck without adjustment for possibility of failure (risk).

Counter-cyclical capital rules will mean that banks will have much more capital going into the next crisis, so will be able to afford to lose much more. Why is that good?

Systemic risk is when market reaches equilibrium at below full production capacity. (Isn’t that a Depression – Funny how the words change)

Need to pay attention to who has cash when the crisis happens. They are the potential white knights.

Correlations are caused by cross holdings of market participants – Hunts held cattle and silver in 1908’s causing correlations in those otherwise unrelated markets. Such correlations are totally unpredictable in advance.

National Institute of Financa proposal for a new body to capture and analyze ALL financial market data to identify interconnectedness and future systemic risks.

If there is better information about systemic risk, then firms will manage their own systemic risk (Wanna Bet?)

Proposal to tax firms based on their contribution to gross systemic risk.

Stress testing should focus on changes to correlations

Treatment of the GSE Preferred stock holders was the actual start of the panic. Leahman a week later was actually the second shoe to drop.

Banks need to include variability of Vol in their VAR models. Models that allowed Vol to vary were faster to pick up on problems of the financial markets. (So the stampede starts a few weeks earlier.)

Many, many good questions and good ideas at the RISK USA conference in New York. Here is a brief sampling:

Risk managers are spending more time showing different constituencies that they really are managing risk.

May want to change the name to “Enterprise Uncertainty Management”

Two risk managers explained how their firms did withdraw from the mortgage market prior to the crisis and what sort of thinking by their top management supported that strategy

Now is the moment for risk management – we are being asked for our opinion on a wide range of things – we need to have good answers

Availability of risk management talent is an issue. At both the operational level and the board level.

Risk managers need to move to doing more explaining after better automating the calculating

Group think is one of the major barriers of good risk management

Regulators tend to want to save too many firms. Need to have a middle path that allows a different sort of resolution of a troubled firm than bankrupcy.

Collateral will not be a sufficient solution to risks of derivatives. Collateral covers only 30 – 50% of risk

No one has ever come up with a theory for the level of capital for financial firms. Basel II is based upon the idea of keeping capital at about the same level as Basel I.

Disclosure of Stress tests of major banks last Spring was a new level of transparency.

Banking is risky.

Systemic Risk Regulation is impossibly complicated and doomed to failure.

Systemic Risk Regulation can be done. (Two different speakers)

In Q2 2007, the Fed said that the sub-prime crisis is contained. (let’s put them in charge)

Having a very good system for communicating was key to surviving the crisis. Risk committees met 3 times per day 7 days per week in fall 2008.

Should have worked out in advance what do do after environmental changes shifted exposures over limits

One firm used ratings plus 8 additional metrics to model their credit risk

Need to look through holdings in financial firms to their underlying risk exposures – one firm got red of all direct exposure to sub prime but retained a large exposure to banks with large sub prime exposure

Active management of counterparties and information flow to decision makers of the interactions with counter parties provided early warning to problems

Several speakers said that largest risk right now is regulatory changes

One speaker said that the largest Black Swan was another major terrorist attack

Next major systemic risk problem will be driven primarily by regulators/exchanges

Some of structured markets will never come back (CDO squareds)

Regret is needed to learn from mistakes

No one from major firms actually went physically to the hottest real estate markets to get an on the ground sense of what was happening there – it would have made a big difference – Instead of relying solely on models.

Discussions of these and other ideas from the conference will appear here in the near future.

As we look at the financial system and contemplate what makes sense going forward, it should be important to think through what we plan to do with losses going forward.

There are at least seven possibilities. As a matter of public policy, we should be discussing where the attachment should be for each layer of losses. Basel 2 tries to set the attachment for the fourth layer from the bottom, without directly addressing the three layers below.

So for major loss scenarios, we should have a broad idea of how we expect the losses to be distributed. Recent practices have focused on just a few of these layers, especially the counterparty layer. The “skin in the game” idea suggests that the counterparties, when they are intermediaries, should have some portion of the losses. Other counterparties are the folks who are taking the risks via securitizations and hedging transactions.

However, we do not seem to be discussing a public policy about the degree to which the first layer, the borrowers, needs to absorb some of the losses. In all cases, absorbing some of the losses means that that layer really needs to have the capacity to absorb those losses. Assigning losses to a layer with no resources is not an useful game. Having resources means having valuable collateral or dependable income that can be used to absorb the loss. It could also mean having access to credit to pay the loss, though hopefully we have learned that access to credit today is not the same as access to credit when the loss comes due.

+ + + +

This picture might be a useful one for risk managers to use as well to clarify things about how losses will be borne that are being taken on by their firm. The bottom layer does not have to be a borrower, it can also be an insured.

This might be a good way to talk about losses with a board. Let them know for different frequency/severity pairs who pays what. This discussion could be a good part of a discussion on Risk Appetite and Risk Limits as well as a discussion of the significance of each different layer to the risk management program of the firm.

The “skin in the game” applies at the corporate level as well. If you are the reinsurer or another counterparty, you might want to look at this diagram for each of your customers to make sure that they each have enough “skin” where it counts.

Like this:

On April 7 2009, the Financial Times published an article written by Nassim Taleb called Ten Principles for a Black Swan Free World. Let’s look at them one at a time…

6. Do not give children sticks of dynamite, even if they come with a warning . Complex derivatives need to be banned because nobody understands them and few are rational enough to know it. Citizens must be protected from themselves, from bankers selling them “hedging” products, and from gullible regulators who listen to economic theorists.

It is my opinion that many bubbles come about after a completely incorrect valuation model or approach becomes widely adopted. Today, we have the advantage over observers from prior decades. In this decade we have experienced two bubbles. In the case of the internet bubble, the valuation model was attributing value to clicks or eyeballs. It had drifted away from there being any connection between free cashflow and value. As valuations soared, people who had internet investments had more to invest in the next sensation driving that part of the bubble. The internet stocks became more and more like Ponzi schemes. In fact, Hyman Minsky described bubbles as Ponzi finance.

In the home real estate bubble, valuation again drifted away from traditional metrics, the archaic and boring loan to value and coverage ratio pair. It was much more sophisticated and modern to use copulas and instead of evaluating the quality of the credit to use credit ratings of a structured securities of loans.

Goerge Soros has said that the current financial crisis might just be the final end of a fifty year mega credit bubble. If he is right, then we will have quite a long slow ride out of the crisis.

There are two aspects of derivatives that I think were ignored in the run up to the crisis. The first is the leverage aspect of derivatives. A CDS is equivalent to a long position in a corporate bond and a short position in a risk free bond. But few observers and even fewer principals considered CDS as containing additional leverage equal to the full notional amount of the bond covered. And leverage magnifies risk. Worse than that.

Leverage takes the cashflows and divides them between reliable cashflows and unreliably cashflows and sells the reliable cashflows to someone else so that more unreliable cashflows can be obtained.

The second misunderstood aspect of the derivatives is the amount of money that can be lost and the speed at which it can be lost. This misunderstanding has caused many including most market participants to believe that posting collateral is a sufficient risk provision. In fact, 999 days out of 1000 the collateral will be sufficient. However, that other day, the collateral is only a small fraction of the money needed. For the institutions that hold large derivative positions, there needs to be a large reserve against that odd really bad day.

So when you look at the two really big, really bad things about derivatives that were ignored by the users, Taleb’s description of children with dynamite seems apt.

But how should we be dealing with the dynamite? Taleb suggests keeping the public away from derivatives. I am not sure I understand how or where the public was exposed directly to derivatives, even in the current crisis.

Indirectly the exposure was through the banks. And I strongly believe that we should be making drastic changes in what different banks are allowed to do and what different capital must be held against derivatives. The capital should reflect the real leverage as well as the real risk. The myth that has been built up that the notional amount of a derivative is not an important statistic and that the market value and movements in market value is the dangerous story that must be eliminated. Derivatives that can be replicated by very large positions in securities must carry the exact same capital as the direct security holdings. Risks that can change overnight to large losses must carry reserves against those losses that are a function of the loss potential, not just a function of benign changes in market values and collateral.

In insurance regulatory accounting, there is a concept called a non-admitted asset. That is something that accountants might call an asset but that is not permitted to be counted by the regulators. Dealings that banks have with unregulated financial operations should be considered non-admitted assets. Transferring something off to the books to an unregulated entity just will not count.

So i would make it extremely expensive for banks to get anywhere near the dynamite. Or to deal with anyone who has any dynamite.